AMENDMENTS TO THE CLAIMS 



1. (Currently Amended) A method of providing access to services across a computer 
network, comprising the step of: 

generating an authentication, authorization and access request by a requesting network 
access device through which , upon a successful authentication and authorization 
of an end user device to the computer network, the end user device can obtain 
access to network resources, said authentication, authorization and access request 
comprising a requesting network access device description and a plurality of 
service requests indicative of computer services for which the requesting network 
access device requests provisioning; 

wherein the requesting network access device description includes one or more of: a 

requesting network access device vendor, a requesting network access device type 
and a requesting network access device version; and 

forwarding , to an authentication, authorization and access-control server, said 
authentication, authorization and access request for authentication and 
authorization of the end user device to the computer network . 

2. (Original) A method according to Claim 1 in which the access request is a RADIUS 
packet, the service requests being defined by information contained within Vendor- 
Specific Attribute (VSA) blocks in the said packet. 

3. (Previously Presented) A method according to Claim 2 in which each said block contains 
a requesting network access device-type identifier and a service-request identifier. 

4. (Original) A method according to Claim 2 in which the packet is a RADIUS-compliant 
authentication request packet. 

5. (Canceled) 
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6. (Original) A method according to Claim 1 in which the service requests include a request 
for a particular service level. 

7. (Original) A method according to Claim 1 in which a policy is applied to the access 
request to determine whether access will be allowed, and if so for what services. 

8. (Previously Presented) A method according to Claim 1 in which said network resources 
are provisioned in dependence upon the access request. 

9. (Original) A method according to Claim 1 in which the steps of receiving and applying 
are performed by an access-control server or an Authentication, Authorization and Audit 
(AAA) server. 

10. (Original) A method according to Claim 9 in which the access-control server uses the 
access request to select among multiple services that are specified for a particular device. 

11. (Currently Amended) A network device arranged to provide access to services across a 
computer network, comprising: 

means for generating an authentication, authorization and access request by a requesting 
network access device through which , upon a successful authentication and 
authorization of an end user device to the computer network, the end user device 
can obtain access to network resources, said authentication, authorization and 
access request comprising a requesting network device description and a plurality 
of service requests indicative of computer services for which the requesting 
network access device requests provisioning; 

wherein the device description includes one or more of: a requesting network access 

device vendor, a requesting network access device type and a requesting network 
access device version; and 
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means for forwarding , to an authentication, authorization and access-control server, said 
authentication, authorization and access request for authentication and 
authorization of the end user device to the computer network . 



12. (Original) A network device according to Claim 1 1 including means to generate 
RADIUS-compliant packets, the service requests being defined by information contained 
within Vendor-Specific Attribute (VSA) blocks in this said packet. 

13. (Currently Amended) A network device, comprising: 

a network interface capable of being coupled to a requesting network access device and a 
computer network and for sending to the network access requests, a processor and 
a computer-readable storage medium having one or more stored sequences of 
instructions which, when executed, cause the processor to perform the steps of: 

generating an authentication, authorization and access request by the requesting network 
access device through which , upon a successful authentication and authorization 
of an end user device to the computer network, the end user device can obtain 
access to network resources for forwarding via the network interface, said 
authentication, authorization and access request comprising a requesting network 
access device description and a plurality of service requests indicative of 
computer services for which the requesting network access device requests 
provisioning; 

wherein the requesting network access device description includes one or more of: a 

requesting network access device vendor, a requesting network access device type 
and a requesting network access device; and 

forwarding , to an authentication, authorization and access-control server, said 
authentication, authorization and access request for authentication and 
authorization of the end user device to the computer network . . 

14. (Original) A network device according to Claim 13 in which the access request is 
received as a RADIUS packet, the service requests being defined by information 
contained within Vendor-Specific Attribute (VSA) blocks in this said packet. 
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15. (Previously Presented) A network device according to Claim 14 in which each said block 
contains a requesting network access device-type identifier and a service -request 
identifier. 

16. (Original) A network device according to Claim 14 in which the packet is a RADIUS- 
compliant authentication request packet. 

17. (Canceled) 

18. (Original) A network device according to Claim 13 in which the service requests 
include a request for a particular service level. 

19. (Currently Amended) A computer system comprising 

an access-control server for controlling access to resources on the network when 
requested by requesting network access devices, the access-control server being arranged: 

(a) to receive an authentication, authorization and access request by a requesting network 
access device through which , upon a successful authentication and authorization of an 
end user device to the computer network, the end user device can obtain access to 
network resources, said authentication, authorization and access request comprising a 
requesting network access device description and a plurality of service requests 
indicative of computer services for which the requesting network access device 
requests provisioning; 

wherein the requesting network access device description includes one or more 
of: a requesting network access device vendor, a requesting network access device 
type and a requesting network access device version; and 

(b) to apply a policy to the authentication, authorization and access request to determine 
whether the end user device can access the computer network will be allowed , and if 
so for what services. 
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20. (Original) A computer system according to Claim 19 in which the access control server 
instructs the provisioning of network resources in dependence upon the access request. 



21. (Original) A computer system according to Claim 19 in which the access-control server 
is an Authentication, Authorization and Audit (AAA) server. 

22. (Original) A computer system according to Claim 19 in which the access-control server 
uses the access request to select among multiple services that are specified for a particular 
device. 

23. (Currently Amended) A computer-readable storage medium storing a sequence of 
instructions which, when executed by one or more processors, causes said processor or 
processors to perform the steps of: 

generating an authentication, authorization and access request by a requesting network 
access device through which , upon a successful authentication and authorization 
of an end user device to the computer network, the end user device can obtain 
access to network resources, said authentication, authorization and access 
comprising a requesting network access device description and a plurality of 
service requests indicative of computer services for which the requesting network 
access device requests provisioning; 

wherein the requesting network access device description includes one or more of: a 

requesting network access device vendor, a requesting network access device type 
and a requesting network access device version; and 

forwarding , to an authentication, authorization and access-control server, said 
authentication, authorization and access request for authentication and 
authorization of the end user device to the computer network . 

24. (Previously Presented) A computer-readable storage medium according to Claim 23 
further including instructions for generating a RADIUS packet, the service requests being 
defined by information contained within Vendor-Specific Attribute (VSA) blocks in said 
packet. 
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25. 



(Previously Presented) A computer-readable storage medium according to Claim 24 
further including instructions for creating within each said block a requesting network 
access device-type identifier and a service-request identifier. 



26. (Previously Presented) A computer-readable storage medium according to Claim 24 in 
which the generated packet is a RADIUS-compliant authentication request packet. 

27. (Previously Presented) A computer-readable storage medium according to Claim 23, in 
which the requesting network access device description includes one or more of device 
vendor, device type and device version. 

28. (Previously Presented) A computer-readable storage medium according to Claim 23, in 
which service requests include a request for a particular service level. 

29. (Previously Presented) A network device as claimed in claim 1 1 or claim 13 comprising 
a requesting network access device which controls end-user device access to a network, 
and which requests services on behalf of one or more said end-user devices. 

30. (Previously Presented) A network device as claimed in claim 1 1 or claim 13 in which 
said requesting network access device requests services for its own use. 



50325-0837 (Seq. No. 7345) 



7 



